About Log360

Log360 is your one-stop solution for all log management and network security challenges. It is an integrated solution that combines EventLog Analyzer, ADAudit Plus, and Cloud Security Plus into a single console to help you manage your network security, Active Directory auditing, and public cloud management easily.

Release Overview

5.1 (GA)

Build 5166

Released on 17 May, 2020

Fix:

This release includes fixes for a vulnerability that allowed unauthenticated changes to the integration system configuration.

Build 5164

Released on 28 Apr, 2020

New features:

Integrated Cloud Security Plus reports: You can now integrate Cloud Security Plus reports in Log360 and view all the reports under the Log360 reports tab.

Centralized SSL configuration: You can configure SSL centrally from Log360 for the components.

Enhancement:

Workgroup Servers: Workgroup servers will be synchronized in ELA and ADAP automatically.

Build 5160

Released on 28 Feb, 2020

Fix

Issue in mail synchronization has been fixed.

Build 5155

Released on 16 Jan, 2020

Fix

Issue in EventLog Analyzer's integration with Log360 due to the presence of multiple unpingable devices has been fixed.

New feature

Compliance management: Log360 now has a dedicated tab for managing compliance requirements. It contains ready-made reports to prove compliance with IT mandates such as PCI DSS and HIPAA.

Build 5120

Released on 4 July, 2019

New features

New login settings

Captcha has been included in the login page for increased security.

Block users: You can now set a threshold for login attempts. On reaching that threshold, the user will be blocked from trying to log in for a specific period.

Smart card authentication: The use of smart cards/PKI/certificates has been enabled as additional options for Log360 login. If you have such an authentication system configured in your organization, Log360 can be configured to authenticate users through it, bypassing other first factor methods.

Two-factor authentication: Log360 now provides an extra layer of security for its users by supporting two-factor authentication during login. Supported authentication methods include:

Duo Security

RSA SecurID

RADIUS Authentication

Google Authenticator

Email verification

SMS verification

SSL Certification tool: Helps you easily generate a CSR and apply SSL certificates in Log360 to make the product safer for data transfer.

Database migration: Now you can easily change Log360's bundled PostgreSQL database to Microsoft SQL Server or another instance of PostgreSQL from the web console.

Fix

Issue in integrating EventLog Analyzer's Linux instance with Log360 has been fixed.

Build 5108

Released on 8 May, 2019

New feature

New language options: Log360 now supports Chinese and Japanese in addition to English.

Enhancement

The graphs in the EventLog Analyzer dashboard of Log360 have been enhanced for easy inference.

Build 5107

Released on 15 Apr, 2019

New features

Active Directory Reporting Add-on: Get insights into critical Active Directory security incidents that could help stop insider attacks. With this add-on, get over 45 predefined report templates that provide details on AD objects such as:

The cross-site scripting (XSS) vulnerability in the search and reports page (CVE-2018-7405), raised by Suresh Khutale, has been fixed.

Vulnerability issue of remote code execution when uploaded by an agent (DDI-VRT-2018-10) has been fixed.

Build 5043

Released on 19 Feb, 2018

New Feature

ManageEngine O365 Manager Plus, an Office 365 reporting, management, auditing, and alerting tool is now integrated with Log360. With this integration, get access to general and audit reports, and create alerts for critical events in Exchange Online and Azure Active Directory.

Office 365 Reporting: Access an exhaustive list of reports to get deep insights on Exchange Online and Azure Active Directory and comply with industry mandates like SOX, PCI DSS, FISMA, HIPAA, and GLBA.

Three new predefined correlation rules that detect suspicious SQL backup, installation of services and software.

Logs from syslog and other devices can be forwarded to any server including file servers and Windows servers.

Build 5039

Released on 8 Dec, 2017

New Feature

GDPR compliance reports: Offers predefined report templates to help you easily comply with the GDPR's requirements.

Build 5038

Released on 29 Nov, 2017

New Features

Reports of both ADAuditPlus and EventLog Analyzer have been consolidated and can be viewed in the same window.

Enhancements

The mechanism of recording the log flow rate has been changed.

An extra field "Display name" has been added to the pre-defined reports and search section.

Fixes

The issue with parsing of fields for NPS events occurring on Windows Server 2016 has been fixed.

Addition of VMware reports for created and deleted VMs (Event IDs: 13002 and 13003).

The issue with the Solaris user account management report and SUDO command execution report has been fixed.

Issue with populating of web traffic reports for WatchGuard has been fixed.

The issue with the policy changes report for Symantec devices has been fixed.

The issue with exporting reports from the "My Reports" category in EventLog Analyzer has been fixed.

Build 5036

Released on 17 Oct, 2017

New Features

The Correlation Engine has been completely upgraded to bring you complex attack detection across all devices on your network, enhanced field-level correlation, improved incident reports with timeline view, and much more:

Multiple log format support: Correlation is now carried out across multiple log formats, enabling you to correlate logs from Windows and Unix systems, network devices, and more.

Enhanced field-level correlation: Correlation can be done based on multiple log field values to provide fine-grained attack detection.

Malicious IP and URL alerts: Upon analyzing the threat feeds and log data from the network, the solution sends out real-time alerts if suspicious traffic or outgoing traffic to a malicious domain is detected.

Build 5030

Released on August 4th, 2017

Log360 now supports NTLMv2 authentication.

You can now automatically back up the PostgreSQL database of EventLog Analyzer and Log360.

Build 5024

Released on July 19th, 2017

Host synchronisation mechanism has been enhanced.

Inherited hosts that are disabled due to license expiry or because the license count has been exceeded cannot be enabled.

If a host has been added in one of the components, then it will be inherited automatically in the other component.